package com.sicong.common.security.aspect;

import com.sicong.common.security.annotation.Inner;
import lombok.AllArgsConstructor;
import lombok.SneakyThrows;
import lombok.extern.slf4j.Slf4j;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.security.access.AccessDeniedException;

import javax.servlet.http.HttpServletRequest;

/**
 * 服务间调用不鉴权逻辑
 *
 * @author chenww
 * @date 2020-12-25
 */
@Slf4j
@Aspect
@AllArgsConstructor
public class InnerAspect {

    private final HttpServletRequest request;

    @SneakyThrows
    @Around("@annotation(inner)")
    public Object around(ProceedingJoinPoint point, Inner inner) {
        String header = request.getHeader("Inner");
        if (inner.value() && !"Inner".equals(header)) {
            log.warn("访问接口 {} 没有访问权限", inner.value());
            throw new AccessDeniedException("访问被拒绝");
        }
        return point.proceed();
    }

}
